package com.dbky.alg.browser;

import com.dbky.alg.browser.logout.AlgLogoutSuccessHandler;
import com.dbky.alg.browser.session.AlgExpiredSessionStrategy;
import com.dbky.alg.browser.session.AlgSessionInformationExpiredStrategy;
import com.dbky.alg.core.properties.AlgSecurityProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
import org.springframework.security.web.session.InvalidSessionStrategy;
import org.springframework.security.web.session.SessionInformationExpiredStrategy;

/**
 * @Auther: tianchao
 * @Date: 2021/12/15 22:34
 * @Description:
 */
@Configuration
public class BrowserSecurityBeanConfig {
    @Autowired
    private AlgSecurityProperties algSecurityProperties;


    @Bean
    //用户可以通过实现一个InvalidSessionStrategy类型的bean来覆盖掉默认的实现--》NRSCInvalidSessionStrategy
    @ConditionalOnMissingBean(InvalidSessionStrategy.class)
    public InvalidSessionStrategy invalidSessionStrategy(){
        return new AlgExpiredSessionStrategy(algSecurityProperties.getBrowser().getSession().getSessionInvalidUrl());
    }

    @Bean
    @ConditionalOnMissingBean(SessionInformationExpiredStrategy.class)
    public SessionInformationExpiredStrategy sessionInformationExpiredStrategy(){
        return new AlgSessionInformationExpiredStrategy(algSecurityProperties.getBrowser().getSession().getSessionInvalidUrl());
    }

    @Bean
    @ConditionalOnMissingBean(LogoutSuccessHandler.class)
    public LogoutSuccessHandler logoutSuccessHandler(){
        return new AlgLogoutSuccessHandler(algSecurityProperties.getBrowser().getSignOutUrl());
    }
}
